Awesome-Azure-Pentest
A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.
992 stars
16 watching
185 forks
last commit: 9 months ago
Linked from 2 awesome lists
Awesome Azure Penetration Testing / Tools / Enumeration | |||
| o365creeper | 321 | about 4 years ago | Enumerate valid email addresses |
| CloudBrute | 859 | about 2 months ago | Tool to find a cloud infrastructure of a company on top Cloud providers |
| cloud_enum | 1,641 | 3 months ago | Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud |
| Azucar | 557 | almost 2 years ago | Security auditing tool for Azure environments |
| CrowdStrike Reporting Tool for Azure (CRT) | 702 | over 1 year ago | Query Azure AD/O365 tenants for hard to find permissions and configuration settings |
| ScoutSuite | 6,628 | 29 days ago | Multi-cloud security auditing tool. Security posture assessment of different cloud environments |
| BlobHunter | 310 | 3 months ago | A tool for scanning Azure blob storage accounts for publicly opened blobs |
| Grayhat Warfare | Open Azure blobs and AWS bucket search | ||
| Office 365 User Enumeration | 233 | 5 months ago | Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover v1 or office.com login page |
| CloudFox | 1,901 | about 2 months ago | Automating situational awareness for cloud penetration tests |
| Monkey365 | 804 | 25 days ago | Conduct Microsoft 365, Azure subscriptions and Azure Active Directory security configuration reviews |
| Azure-AccessPermissions | 104 | over 1 year ago | PowerShell script to enumerate access permissions in an Azure AD environment |
| Prowler | 10,641 | 4 days ago | Perform AWS and Azure security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness |
Awesome Azure Penetration Testing / Tools / Information Gathering | |||
| o365recon | 689 | about 2 years ago | Information gathering with valid credentials to Azure |
| Get-MsolRolesAndMembers.ps1 | Retrieve list of roles and associated role members | ||
| ROADtools | 1,833 | about 1 month ago | Framework to interact with Azure AD |
| PowerZure | 1,094 | 29 days ago | PowerShell framework to assess Azure security |
| Azurite | 249 | over 5 years ago | Enumeration and reconnaissance activities in the Microsoft Azure Cloud |
| Sparrow.ps1 | 1,413 | almost 2 years ago | Helps to detect possible compromised accounts and applications in the Azure/M365 environment |
| Hawk | 694 | 9 months ago | Powershell based tool for gathering information related to O365 intrusions and potential breaches |
| Microsoft Azure AD Assessment | 750 | 4 months ago | Tooling for assessing an Azure AD tenant state and configuration |
| Cloud Katana | 243 | 7 months ago | Unlocking Serverless Computing to Assess Security Controls |
| SCuBA M365 Security Baseline Assessment Tool | 1,596 | 3 days ago | Automation to assess the state of your M365 tenant against CISA's baselines |
Awesome Azure Penetration Testing / Tools / Lateral Movement | |||
| Stormspotter | 1,525 | 9 months ago | Azure Red Team tool for graphing Azure and Azure Active Directory objects |
| AzureADLateralMovement | 119 | almost 2 years ago | Lateral Movement graph for Azure Active Directory |
| SkyArk | 867 | almost 2 years ago | Discover, assess and secure the most privileged entities in Azure and AWS |
| omigood (OM I GOOD?) | 18 | about 3 years ago | Scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities |
Awesome Azure Penetration Testing / Tools / Exploitation | |||
| MicroBurst | 2,019 | 12 days ago | A collection of scripts for assessing Microsoft Azure security |
| azuread_decrypt_msol_v2.ps1 | Decrypt Azure AD MSOL service account | ||
| Microsoft-Teams-GIFShell | 223 | about 2 years ago | Microsoft Teams can be leveraged by an attacker, to execute a reverse shell between an attacker and victim piped through malicious GIFs sent in Teams messages |
| MSOLSpray | 897 | 7 months ago | A password spraying tool for Microsoft Online accounts (Azure/O365) |
| MSOLSpray.py | 80 | 4 months ago | A Python version of the MSOLSpray password spraying tool for Microsoft Online accounts (Azure/O365) |
| o365spray | 743 | about 1 month ago | Username enumeration and password spraying tool aimed at Microsoft O365 |
| MFASweep | 1,318 | 22 days ago | A tool for checking if MFA is enabled on multiple Microsoft Services Resources |
| adconnectdump | 602 | 2 months ago | Dump Azure AD Connect credentials for Azure AD and Active Directory |
Awesome Azure Penetration Testing / Resources / Articles | |||
| Abusing Azure AD SSO with the Primary Refresh Token | |||
| Abusing dynamic groups in Azure AD for Privilege Escalation | |||
| Attacking Azure, Azure AD, and Introducing PowerZure | |||
| Attacking Azure & Azure AD, Part II | |||
| Azure AD Connect for Red Teamers | |||
| Azure AD Introduction for Red Teamers | |||
| Azure AD Pass The Certificate | |||
| Azure AD privilege escalation - Taking over default application permissions as Application Admin | |||
| Defense and Detection for Attacks Within Azure | |||
| Hunting Azure Admins for Vertical Escalation | |||
| Impersonating Office 365 Users With Mimikatz | |||
| Lateral Movement from Azure to On-Prem AD | |||
| Malicious Azure AD Application Registrations | |||
| Moving laterally between Azure AD joined machines | |||
| CrowdStrike Launches Free Tool to Identify and Help Mitigate Risks in Azure Active Directory | |||
| Privilege Escalation Vulnerability in Azure Functions | |||
| Azure Application Proxy C2 | |||
| Recovering Plaintext Passwords from Azure Virtual Machines like It’s the 1990s | |||
| Forensicating Azure VMs | |||
| Network Forensics on Azure VMs | |||
| Cross-Account Container Takeover in Azure Container Instances | |||
| Azure Active Directory password brute-forcing flaw | |||
| How to Detect Azure Active Directory Backdoors: Identity Federation | |||
| Azure App Service vulnerability exposed hundreds of source code repositories | |||
| AutoWarp: Cross-Account Vulnerability in Microsoft Azure Automation Service | |||
| Microsoft Azure Synapse Pwnalytics | |||
| Microsoft Azure Site Recovery DLL Hijacking | |||
| FabriXss (CVE-2022-35829): Abusing a Custom Role User Using CSTI and Stored XSS in Azure Fabric Explorer | |||
| Untangling Azure Active Directory Principals & Access Permissions | |||
| How to Detect OAuth Access Token Theft in Azure | |||
| How to deal with Ransomware on Azure | |||
| How Orca found Server-Side Request Forgery (SSRF) Vulnerabilities in four different Azure Services | |||
| EmojiDeploy: Smile! Your Azure web service just got RCE’d | |||
| Bounce the Ticket and Silver Iodide on Azure AD Kerberos | |||
| List of all Microsoft Portals | |||
| Azure Articles from NetSPI | |||
| Azure Cheat Sheet on CloudSecDocs | |||
| Resources about Azure from Cloudberry Engineering | |||
| Resources from PayloadsAllTheThings | 60,304 | 19 days ago | |
| Encyclopedia on Hacking the Cloud | |||
| Azure AD - Attack and Defense Playbook | 2,093 | 9 days ago | |
| Azure Security Resources and Notes | 1,467 | 4 months ago | |
| Azure Threat Research Matrix | |||
Awesome Azure Penetration Testing / Resources / Lab Exercises | |||
| azure-security-lab | 60 | about 6 years ago | Securing Azure Infrastructure - Hands on Lab Guide |
| AzureSecurityLabs | 46 | over 4 years ago | Hands-on Security Labs focused on Azure IaaS Security |
| Building Free Active Directory Lab in Azure | |||
| Aria Cloud Penetration Testing Tools Container | 133 | over 3 years ago | A Docker container for remote penetration testing |
| PurpleCloud | 498 | about 2 months ago | Multi-use Hybrid + Identity Cyber Range implementing a small Active Directory Domain in Azure alongside Azure AD and Azure Domain Services |
| BlueCloud | 122 | almost 2 years ago | Cyber Range system with a Windows VM for security testing with Azure and AWS Terraform support |
| Azure Red Team Attack and Detect Workshop | 609 | over 1 year ago | |
| SANS Workshop – Building an Azure Pentest Lab for Red Teams | The link in the description contains a password-protected OVA file that can be used until 2nd March 2024 | ||
Awesome Azure Penetration Testing / Resources / Talks and Videos | |||
| Attacking and Defending the Microsoft Cloud (Office 365 & Azure AD | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos / Attacking and Defending the Microsoft Cloud (Office 365 & Azure AD | |||
| Presentation Slides | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos | |||
| TR19: I'm in your cloud, reading everyone's emails - hacking Azure AD via Active Directory | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos / TR19: I'm in your cloud, reading everyone's emails - hacking Azure AD via Active Directory | |||
| Presentation Slides | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos | |||
| Dirk Jan Mollema - Im In Your Cloud Pwning Your Azure Environment - DEF CON 27 Conference | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos / Dirk Jan Mollema - Im In Your Cloud Pwning Your Azure Environment - DEF CON 27 Conference | |||
| Presentation Slides | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos | |||
| Adventures in Azure Privilege Escalation Karl Fosaaen | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos / Adventures in Azure Privilege Escalation Karl Fosaaen | |||
| Presentation Slides | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos | |||
| Introducing ROADtools - Azure AD exploration for Red Teams and Blue Teams | |||
Awesome Azure Penetration Testing / Resources / Books | |||
| Pentesting Azure Applications | |||
teamssix/awesome-cloud-security
bytesnipers/awesome-pentest-cheat-sheets